20% OFF Passleader 350-018 Study Materials Ensure 100% PASS (151-160)

QUESTION 151
Which three statements are true about PIM-SM operations? (Choose three.)

A.    PIM-SM supports RP configuration using static RP, Auto-RP, or BSR.
B.    PIM-SM uses a shared tree that is rooted at the multicast source.
C.    Different RPs can be configured for different multicast groups to increase RP scalability.
D.    Candidate RPs and RP mapping agents are configured to enable Auto-RP.
E.    PIM-SM uses the implicit join model.

Answer: ACD

QUESTION 152
An IPv6 multicast receiver joins an IPv6 multicast group using which mechanism?

A.    IGMPv3 report
B.    IGMPv3 join
C.    MLD report
D.    general query
E.    PIM join

Answer: C

QUESTION 153
Which configuration implements an ingress traffic filter on a dual-stack ISR border router to prevent attacks from the outside to services such as DNSv6 and DHCPv6?

A.    !
ipv6 access-list test
deny ipv6 FF05::/16 any
deny ipv6 any FF05::/16
! output omitted
permit ipv6 any any
!
B.    !
ipv6 access-list test
permit ipv6 any FF05::/16
! output omitted
deny ipv6 any any
!
C.    !
ipv6 access-list test
deny ipv6 any any eq dns
deny ipv6 any any eq dhcp
! output omitted
permit ipv6 any any
!
D.    !
ipv6 access-list test
deny ipv6 any 2000::/3
! output omitted
permit ipv6 any any
!
E.    !
ipv6 access-list test
deny ipv6 any FE80::/10
! output omitted
permit ipv6 any any
!

Answer: A

QUESTION 154
Which two security measures are provided when you configure 802.1X on switchports that connect to corporate-controlled wireless access points? (Choose two.)

A.    It prevents rogue APs from being wired into the network.
B.    It provides encryption capability of data traffic between APs and controllers.
C.    It prevents rogue clients from accessing the wired network.
D.    It ensures that 802.1x requirements for wired PCs can no longer be bypassed by disconnecting the
AP and connecting a PC in its place.

Answer: AD

QUESTION 155
Which option explains the passive scan technique that is used by wireless clients to discover available wireless networks?

A.    listening for access point beacons that contain available wireless networks
B.    sending a null probe request
C.    sending a null association request
D.    listening for access point probe response frames that contain available wireless networks

Answer: A

QUESTION 156
Which protocol can be used to encrypt traffic sent over a GRE tunnel?

A.    SSL
B.    SSH
C.    IPsec
D.    DH
E.    TLS

Answer: C

QUESTION 157
Which three options are security measures that are defined for Mobile IPv6? (Choose three.)

A.    IPsec SAs are used for binding updates and acknowledgements.
B.    The use of IKEv1 or IKEv2 is mandatory for connections between the home agent and mobile node.
C.    Mobile nodes and the home agents must support ESP in transport mode with non-NULL payload authentication.
D.    Mobile IPv6 control messages are protected by SHA-2.
E.    IPsec SAs are used to protect dynamic home agent address discovery.
F.    IPsec SAs can be used to protect mobile prefix solicitations and advertisements.

Answer: ACF

QUESTION 158
Which three statements are true about DES? (Choose three.)

A.    A 56-bit key is used to encrypt 56-bit blocks of plaintext.
B.    A 56-bit key is used to encrypt 64-bit blocks of plaintext.
C.    Each block of plaintext is processed through 16 rounds of identical operations.
D.    Each block of plaintext is processed through 64 rounds of identical operations.
E.    ECB, CBC, and CBF are modes of DES.
F.    Each Block of plaintext is processed through 8 rounds of identical operations.
G.    CTR, CBC, and OFB are modes of DES.

Answer: BCE

QUESTION 159
Which three statements are true about the SSH protocol? (Choose three.)

A.    SSH protocol runs over TCP port 23.
B.    SSH protocol provides for secure remote login and other secure network services over an insecure network.
C.    Telnet is more secure than SSH for remote terminal access.
D.    SSH protocol runs over UDP port 22.
E.    SSH transport protocol provides for authentication, key exchange, confidentiality, and integrity.
F.    SSH authentication protocol supports public key, password, host based, or none as authentication methods.

Answer: BEF

QUESTION 160
Which two statements are true when comparing ESMTP and SMTP? (Choose two.)

A.    Only SMTP inspection is provided on the Cisco ASA firewall.
B.    A mail sender identifies itself as only able to support SMTP by issuing an EHLO command to the mail server.
C.    ESMTP mail servers will respond to an EHLO with a list of the additional extensions they support.
D.    SMTP commands must be in upper case, whereas ESMTP can be either lower or upper case.
E.    ESMTP servers can identify the maximum email size they can receive by using the SIZE command.

Answer: CE

20% OFF Passleader 350-018 Study Materials Ensure 100% PASS